Review the authentication strategies for API usage and Hyper Connect.

Hyper uses two authentication methods: API tokens for direct API access and OAuth for Hyper Connect integrations.

Authentication for API Usage

Developers directly interacting with Hyper's API will primarily use API tokens for authentication. This method is straightforward and involves the following steps:

  1. Obtain an API Key: After registering your application with Hyper, you will receive an API key. This key is used to authenticate your API requests.

  2. Include API Key in Headers: When making requests to Hyper's API, include your API key in the request headers:

    Authorization: Bearer YOUR_API_KEY
  3. Secure Your API Key: Keep your API key confidential to prevent unauthorized access. Store it in environment variables or a secure secrets management system.

For more information on API token-based authentication, refer to the API Authentication Reference.

Authentication for Hyper Connect

When leveraging Hyper Connect for data integration, developers must implement OAuth flows for each third-party service such as Slack, Google Drive, etc., to securely connect users' data sources with Hyper's capabilities.

Step-by-Step Authentication Process

  1. Register Your OAuth Application: For each data integration, create a separate OAuth application on the respective platform (e.g., Slack, Google Drive) to obtain client credentials. This will typically involve setting a redirect URI provided by Hyper and configuring the required scopes.
  2. Implement OAuth Authorization Flow: Incorporate the OAuth flow into your application to prompt users to log in to the third-party service and authorize your app. This process involves redirecting users to the service's authorization page and then handling the redirect back to your app with an authorization code.
  3. Exchange Authorization Code for Tokens: Use the authorization code to request access tokens and refresh tokens from the third-party service. These tokens allow your application to access the user's data through Hyper Connect.
  4. Store Tokens Securely: Manage the storage of access and refresh tokens securely, ensuring that they are not exposed and are only accessible by authorized parts of your application.
  5. Refresh Tokens as Needed: Implement token refresh logic to obtain new access tokens with the refresh tokens when the access tokens expire.
  6. Manage User Sessions: Establish user session management to maintain authentication state and to tie the lifetime of the session to the validity of the access tokens.

For a comprehensive guide on setting up OAuth for each data source, developers should refer to the Data Connectors section in the Hyper documentation. Each Data Connector has its own set of requirements and setup instructions that must be followed to ensure successful integration and authentication with Hyper Connect.